| Contact Information | |
| Name: | Lucas Donato |
| Email: | lucasdonato (at) gmail (dot) com [email concealed] |
| Location: | Porto Alegre, Rio Grande do Sul, Brazil |
| Resume | |
| Position/Title: | Sr. Security Analyst |
| Resume: |
PERSONAL DETAILS Full Name: Lucas Medeiros Donato Age: 27 Home Address: 170 Santana St. Apt 304, Porto Alegre, Brazil. Mobile phone: +55 51 9321.7508 E-mail: lucasdonato (at) gmail (dot) com [email concealed] PROFILE An Information Security consultant with 6+ years of work experience, CISSP certificated, with large experience in Risk Analysis and Computer Forensics projects. A passionate, autodidact and self-motivated student and researcher, with main focus on Criminal Profiling applied to Computer Forensics since undergraduate studies. A person highly motivated by challenges, with focus on excellence, perseverance, commitment and results. EDUCATION [2000-2004] Bachelor of Computer Science - UFPel - Federal University of Pelotas Thesis Presented : A Computer Forensics Methodology Supported by Psychological Profiling. PROFESSIONAL CERTIFICATION (ISC)2 CISSP - Certified Information System Security Professional CAREER SUMMARY 1. e-trust [March, 2005 - Current] Roles: Consulting Services - Technical Coordinator [since April, 2008] Information Security Consultant [since March, 2005] Activities: Participation in dozens of Risk Analysis Projects, specially Vulnerability Assessment, Penetration Testing and Critical Systems Security Analysis (i.e., Core Banking). Participation in various Incident Response and Forensic Analysis activities (internal and criminal investigations). Experience in leadership of technical teams in simultaneous projects, recruiting, presales, training and development and research of methodologies. Deep knowledge of methodologies like ISO 27000 series, ISO 15408, OWASP, OSSTMM and so on. Participation in projects in the following sectors: Finance, Energy, Government, Banking, Healthcare, Gas and Oil, Steel, Refrigeration, Educational, Consumer goods, Agriculture, IT etc (including Fortune 500). Minority shareholder since September, 2007 2. Config Solutions [April, 2004 - March, 2005] Role: Network Security Analyst Activities: Linux Servers Security Administration, OpenBSD Packet Filtering configuration, VPN configuration, Perimeter Security Testing. 3. UFPel Role 1: Researcher [April, 2003 - October, 2004] Activities: Founder and Leader of UFPel Information Systems Security Group (more: contact me for details) Role 4: Professor (voluntary) [October, 2002 - October, 2003] Activities: Teaching of Computer Networks II classes (twice). PROFESSIONAL AFFILIATIONS HTCIA - High Technology Crime Investigation Association / HTCIA Chapter Brasilia ABP - Academy of Behavioral Profiling ISSA - Information System Security Association / ISSA Brazilian Chapter (ISC)2 - International Information System Security Certification Consortium PROFESSIONAL DEVELOPMENT [1998-currently] Various technical courses related to Computer Networks and Linux (contact-me for details). LANGUAGES - Portuguese (native) - English (advanced) - Spanish (intermediate) - Italian (beginning) PUBLISHED WORKS 1. DONATO, L. M. An Introduction to How Criminal Profiling Could be used as a Support to Computer Hacking Investigation. Journal of Digital Forensic Practice, 2:4, p. 183-195, September 2009. 2. DONATO, L. M. Seguranca da Informacao em Tempos de Crise ("Information Security in Crisis Times"). Antebellum Magazine, vol 6, p.22, March 2009. 3. DONATO, L. M. et al. Uma Analise da Tecnica de Footprint no Processo de Levantamento de Informacoes ("An analysis of footprint technique on information gathering") In: XII Congress of Scientific Research - UFPel, Pelotas, 2003. (and more - contact me for details) UNDERGRADUATE THESIS ADVISORING [2009] Guilherme Macedo - Rootkit Forensic Analysis Co-Advisor - Undergraduate Thesis - Computer Science, UFRGS PARTICIPATION IN CONGRESSES, SYMPOSIUMS AND SEMINARIES [2009] ICCyber - VI International Conference on Cyber Crime Investigation. [2009] Oracle - Security and Identity Management in Governance, Risk and Compliance. [2009] GUSEG - Professional Certifications and Career Planning in Information Security. [2008] GUSEG - Information Security and Electronic Crimes. [2008] ISSA Day - Porto Alegre [2006] Meeting GTER 21 / GTS 7 - Network Operations and Engineering Task Force / Network Security Task Force. UFRGS. (and more - contact me for details) OTHER RELEVANT INFORMATION 1. Participating in a task force (ISSA-BR) to evaluate Brazilian voting machines' security (current) 2. Peer review at Journal of Digital Forensic Practice 3. Participating in the DC3 Digital Forensics Challenge - Department of Defense Cyber Crime Center (current) 4. Lectures about Information Security (since 2004) 5. Academic Performance: 1st place (1st phase) and 2nd place (2nd phase) - Vestibular 1999 (UFPel Computer Science Bachelor - examination to enter the University) |